Report - www.sharefilesxp.work.gd/

Report Overview

Submitted URL
www.sharefilesxp.work.gd/
IP
139.59.17.23
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-02 03:59:14
Access
public
Website Title
Discount Card Up to 50% Off | Discount Center | Jobs
Final URL
www.sharefilesxp.work.gd/
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
14
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-01	1.5 kB	55 kB	142.250.74.106
vsa86.tawk.to	unknown	unknown	2020-03-11	2024-04-30	1.1 kB	417 B	104.22.25.131
www.sharefilesxp.work.gd	unknown	2022-06-18	2023-03-12	2023-09-29	5.8 kB	5.4 kB	139.59.17.23
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-01	1.5 kB	178 kB	104.17.25.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-01	499 B	27 kB	151.101.193.229
unpkg.com	11693	2016-01-06	2016-01-08	2024-05-01	416 B	56 kB	104.17.249.203
embed.tawk.to	8650	unknown	2014-03-19	2024-05-01	7.3 kB	745 kB	104.22.25.131
va.tawk.to	8297	unknown	2017-01-30	2024-05-01	2.7 kB	39 kB	104.22.25.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js	226 kB	2024-04-22	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 12:41:09 Last Seen2024-05-17 06:44:44 Times Seen255 Hash 5ff5b56dd253d3fd717915b2773593d3 3fcb89abd877241f130e2712b54233763d0d2b03 162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js	17 kB	2023-10-31	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 10:48:20 Last Seen2024-05-17 06:44:45 Times Seen21899 Hash 7f37a030886ec7fce1d065ec482789ee 661ad608ac1513e2ccdec4cd55eb552a8604c8f6 75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js	113 kB	2024-04-23	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 09:09:33 Last Seen2024-05-17 06:44:45 Times Seen371 Hash 44934d48f839e3143311bc044e6e0d89 a96c3d95be19a80330977acead67fd9b92ac6e4b 500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js	906 B	2023-06-02	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 11:09:48 Last Seen2024-05-17 06:44:44 Times Seen32303 Hash 1c5ecf371149feca23bd895ba9dfec4d 6f6213ae4c63d959441572d232f0425467ed05de fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84 Loading...

	www.sharefilesxp.work.gd/	0 B	2023-03-07	2024-05-17
Pretty URL www.sharefilesxp.work.gd/ IP 139.59.17.23 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-17 08:24:00 Times Seen37731820 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unpkg.com/card@2.3.0/dist/card.js	95 kB	2024-05-02	2024-05-02
Pretty URL unpkg.com/card@2.3.0/dist/card.js IP 104.17.249.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 05:59:19 Last Seen2024-05-02 05:59:19 Times Seen2 Hash e6ea1adac73bdf64f69f75b8f8b45b94 58696e0368b370587d5fea8610d02b0fc71dc595 31fe01b8d1ae1aff3975719c3fed0b2bc3d431443e8b4433e08aa5beb00aa20b Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js	217 kB	2024-03-08	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:46:54 Last Seen2024-05-17 06:44:44 Times Seen610 Hash 1c73b4eb89bbe24ecf154b671ddbcafc 75e59ec09164b620648be5cc80048372e6c62aa5 972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js	18 kB	2024-04-23	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 09:09:34 Last Seen2024-05-17 06:44:45 Times Seen371 Hash 6bf62c737dec7d16542425992be5986c 7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0 2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js	9.9 kB	2023-12-06	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 05:31:15 Last Seen2024-05-17 06:44:44 Times Seen5080 Hash 70aec2dd89cac4933594c25b71d61f46 3dfe6f517bd57abbea46dd4da776e80270d9db5f cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js	535 B	2023-06-02	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 11:09:48 Last Seen2024-05-17 06:44:44 Times Seen32266 Hash c506281367048d4a134c9affbc68c8c6 ffa331eb81694501d6ff64ae2d1f7e667529c3ba 7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df Loading...

	embed.tawk.to/610e5aadd6e7610a49af0b0d/1fcg14e58	2.1 kB	2024-05-02	2024-05-02
Pretty URL embed.tawk.to/610e5aadd6e7610a49af0b0d/1fcg14e58 IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 05:59:19 Last Seen2024-05-02 05:59:19 Times Seen1 Hash 9fbf56524d4454868a46aeb00882bd8c 4ebf013731843e211565ffe7364c26a1dd449953 16164fb4471b196a2dd15197e17dd16293a6aacbf66a60b1b31a25ed090e9da8 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js	83 kB	2024-03-08	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:46:53 Last Seen2024-05-17 06:44:44 Times Seen618 Hash 3b341e35b39f6195793ecaf5db7c1d63 3ef56ed9ac8bfbf5347dc4592653703f59763083 548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js	121 B	2023-03-07	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-17 06:44:44 Times Seen46173 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js	151 B	2023-03-07	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-17 06:44:44 Times Seen46852 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js	2.3 kB	2024-04-22	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 12:41:08 Last Seen2024-05-17 06:44:44 Times Seen249 Hash d1dc816c161b3a7313b3d42f478f140a 66e30073ff65f5b96fed00992224f97dd93453bc cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js	699 B	2023-10-20	2024-05-17
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 20:17:18 Last Seen2024-05-17 06:44:45 Times Seen16552 Hash 838903127a65ec440893b4945c40ca4a 827f3e5341f56fa4473d53b788af41ec6bf21b8b 89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3 Loading...

HTTP Transactions (43)

URL IP Response Size

www.sharefilesxp.work.gd/

139.59.17.23

200 OK

162 B

URL User Request GET HTTP/2
www.sharefilesxp.work.gd/
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET / HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 May 2024 03:58:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.sharefilesxp.work.gd/

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

104.17.25.14

200 OK

17 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
17 kB (17041 bytes)
Hash
6386fb409d4a2abc96eee7be8f6d4cc4
09102cfc60efb430a25ee97cee9a6a35df6dfc59
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

HTTP Headers

GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/css; charset=utf-8
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 128475
expires: Tue, 22 Apr 2025 03:58:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cl0243BPQ8HDZbi4XHGosAngQJQJy7hJQKFwAZaX5h91jzpQi3a%2FJ3oo9ahWEouq6u4eRT7agJ11Kb98RevB8%2FnH4MvGmgT7lPuLapjHcJSDvvl4UI8aCY0Xm%2B03NQyqWEW2%2FUQN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d518649e515693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 124329
expires: Tue, 22 Apr 2025 03:58:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4y4bdqVvwGFwUTnX5V7z9Yj9goz6tvClR5785DSxLJFXQcqdujRpZuqd0kRYb4%2F5dMi5EjIU6ju%2Fb4h%2B3rGULwCf86ebdi%2F4bkH6I4vxSLIMQ%2Bgk5KqbgQPxvZMSctVRU6Gam7E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d51864dcd256be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
26 kB (26333 bytes)
Hash
94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

HTTP Headers

GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: br
accept-ranges: bytes
date: Thu, 02 May 2024 03:58:51 GMT
age: 1382073
x-served-by: cache-fra-etou8220101-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/polyfills.4ec8c3f0e0c9c518.js

139.59.17.23

404 Not Found

661 B

URL GET HTTP/2
www.sharefilesxp.work.gd/polyfills.4ec8c3f0e0c9c518.js
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text
Size
661 B (661 bytes)
Hash
0ded55bbc67c31388ca0ab0fa0bf56cc
a87ab9d3df7f94d4bbb4f1b458bae05385a555b8
0bfb72d449a76c654d65f6c8505324abc76d61f2901eac56e210a6438bbb0bd0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /polyfills.4ec8c3f0e0c9c518.js HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

154 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 154228, version 769.768
Size
154 kB (154228 bytes)
Hash
55b416a8df21f9f987aa352f10d1343b
2717f3f58271f2f2e6120d9937c7227002656d34
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

HTTP Headers

GET /ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:51 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 154228
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "623a082a-25a74"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 25406
expires: Tue, 22 Apr 2025 03:58:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=665Avw6ONhw8OBCDMFAK9jVjmNT1bkJMHqJTYnzIO1ZAo3OzvosEj5sutGgpCBcqXmMf8gni65l2x7YTEsUb5q76U2hPc9eN9UK2lVqZrAOFmmq3JyYSdURN4TunUvAeKe4deYSb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d51866ef6c5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/card@2.3.0/dist/card.js

104.17.249.203

200 OK

55 kB

URL GET HTTP/2
unpkg.com/card@2.3.0/dist/card.js
IP
104.17.249.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, ASCII text, with very long lines (27637), with CRLF, LF line terminators
Size
55 kB (55298 bytes)
Hash
e6ea1adac73bdf64f69f75b8f8b45b94
58696e0368b370587d5fea8610d02b0fc71dc595
31fe01b8d1ae1aff3975719c3fed0b2bc3d431443e8b4433e08aa5beb00aa20b

HTTP Headers

GET /card@2.3.0/dist/card.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:51 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Thu, 20 Apr 2017 16:49:31 GMT
etag: "173b9-WGluA2izcFh9X+qGENArD8cdxZU"
via: 1.1 fly.io
fly-request-id: 01HWR7FE1KS0WV3DY2HBP7A9G1-arn
cf-cache-status: HIT
age: 117227
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d51864ee9c569f-OSL
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css

104.22.25.131

200 OK

21 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20583 bytes)
Hash
aa429d098305efeb3d236b3872f2da79
e0d6e416eb7c1c8f10ec76f835eda23d5c1d0ab0
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

HTTP Headers

GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=78232
access-control-allow-origin: *
etag: W/"05d886069cda40a8e20243d226b04764"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: STALE
cf-cache-status: HIT
age: 114410
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d51871b85fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

va.tawk.to/v1/session/start

104.22.25.131

200 OK

11 kB

URL POST HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JSON text data
Size
11 kB (11409 bytes)
Hash
d6c4d73d64e2ac333bd190b151192696
4066e6356622e7e84aa0724894aa9d5bf93e47ef
634203d38c3ed5a29637d3fc0bb9311ff67697668cab2f11c136be63b00a874a

HTTP Headers

POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sharefilesxp.work.gd/
Content-Type: application/json; charset=utf-8
Content-Length: 186
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-7m9l
access-control-allow-origin: https://www.sharefilesxp.work.gd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d5186d8e0db518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

va.tawk.to/v1/widget-settings?propertyId=610e5aadd6e7610a49af0b0d&widgetId=1fcg14e58&sv=null

104.22.25.131

200 OK

16 kB

URL GET HTTP/3
va.tawk.to/v1/widget-settings?propertyId=610e5aadd6e7610a49af0b0d&widgetId=1fcg14e58&sv=null
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JSON text data
Size
16 kB (15511 bytes)
Hash
8d7a736ad6ffc49cad479ba5226cf324
b48cff765707280eac8db520ba866659b2ae85e9
91e7ed065277e70c05b89f6076e3bf4106d0ebf50731bb716caf3908e145e026

HTTP Headers

GET /v1/widget-settings?propertyId=610e5aadd6e7610a49af0b0d&widgetId=1fcg14e58&sv=null HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sharefilesxp.work.gd/
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-lwlr
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-12-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d5186c6bbd712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

va.tawk.to/v1/session/start

104.22.25.131

200 OK

8.5 kB

URL POST HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
data
Size
8.5 kB (8455 bytes)
Hash
91506d7088d6ccd18037be83a701907f
736821fb6c6d613a1b6c9fc7d7ece0cd996940db
11a733840b1e14dd932b14b7471a15952339a7ace0d4216ca1e59fba0d24f19c

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sharefilesxp.work.gd/
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-77hx
access-control-allow-origin: https://www.sharefilesxp.work.gd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d5186c6bbe712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

va.tawk.to/log-performance/v3

104.22.25.131

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/log-performance/v3
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sharefilesxp.work.gd/
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:54 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-c61l
access-control-allow-origin: https://www.sharefilesxp.work.gd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518759a29b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/assets/css/style.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/css/style.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:52 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js

104.22.25.131

200 OK

121 B

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with no line terminators
Size
121 B (121 bytes)
Hash
3b41342f7e3be590563e8e3b5ff770c7
c9ca54d23ea78b320f080b76e22bb6b4e704d55f
ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518685efc56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js

104.22.25.131

200 OK

18 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (18229), with no line terminators
Size
18 kB (18229 bytes)
Hash
6bf62c737dec7d16542425992be5986c
7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0
2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"6bf62c737dec7d16542425992be5986c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 128467
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518710812b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css

104.22.25.131

200 OK

25 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with very long lines (24751), with no line terminators
Size
25 kB (24751 bytes)
Hash
d4f9ad34fae3ba64cbc48057dc47e968
f8d0d55dc6e9b5d53f74b0b8bfc5e2edbdb0618d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

HTTP Headers

GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24831
access-control-allow-origin: *
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 124335
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518718846b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/assets/vendor/owl-carousel/css/owl.theme.default.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/vendor/owl-carousel/css/owl.theme.default.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/vendor/owl-carousel/css/owl.theme.default.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/runtime.d107856358cefd23.js

139.59.17.23

404 Not Found

0 B

URL GET HTTP/2
www.sharefilesxp.work.gd/runtime.d107856358cefd23.js
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /runtime.d107856358cefd23.js HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js

104.22.25.131

200 OK

151 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
04a9862af6efaf787bc8fb8e99ba6987
a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3
ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518687967712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js

104.22.25.131

200 OK

113 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65464)
Size
113 kB (113121 bytes)
Hash
44934d48f839e3143311bc044e6e0d89
a96c3d95be19a80330977acead67fd9b92ac6e4b
500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"44934d48f839e3143311bc044e6e0d89"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 124339
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518711820b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/assets/vendor/owl-carousel/css/owl.carousel.min.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/vendor/owl-carousel/css/owl.carousel.min.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/vendor/owl-carousel/css/owl.carousel.min.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/assets/siteimages/favicon_io/favicon.ico

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/siteimages/favicon_io/favicon.ico
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/siteimages/favicon_io/favicon.ico HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:52 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

va.tawk.to/log-performance/v3

104.22.25.131

200 OK

5 B

URL POST HTTP/3
va.tawk.to/log-performance/v3
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
38a8a3e3b4b6a6e4f295b2e0f899b1f0
474f5fac3d23afbaf16c5a31c98dfcd956e4c186
7652c7891ed06bce4174ab00a6ee9721daf6a4286929213ecb7daf42cd866615

HTTP Headers

POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sharefilesxp.work.gd/
Content-Type: application/json; charset=utf-8
Content-Length: 94
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:54 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-77hx
access-control-allow-origin: https://www.sharefilesxp.work.gd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518773afbb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/vendor/icon/themify-icons.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/vendor/icon/themify-icons.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /vendor/icon/themify-icons.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js

104.22.25.131

200 OK

17 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with CRLF, LF line terminators
Size
17 kB (17013 bytes)
Hash
7f37a030886ec7fce1d065ec482789ee
661ad608ac1513e2ccdec4cd55eb552a8604c8f6
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

HTTP Headers

GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"7f37a030886ec7fce1d065ec482789ee"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 128459
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d51870dfebb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js

104.22.25.131

200 OK

699 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (725), with no line terminators
Size
699 B (699 bytes)
Hash
7c2c957f3cf80dadfd0cbb7c677a0869
30e8962bf64cc7349c9e61b40b8bab5aa598c63c
606127d882e34faee4895ad2cbf8a94d805fac37792c2cc2b9bc05ca3de743b1

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"838903127a65ec440893b4945c40ca4a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 128467
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d51871181fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/vendor/icon/feather.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/vendor/icon/feather.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /vendor/icon/feather.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/styles.a8e8501e31ca9113.css

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/styles.a8e8501e31ca9113.css
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /styles.a8e8501e31ca9113.css HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:52 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

104.22.25.131

200 OK

9.9 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (10730), with no line terminators
Size
9.9 kB (9929 bytes)
Hash
2ed46b3171b0456fda29f3bfda5f846e
0c4834c6f96e8640bcdd46c48396a1f1f7d287b2
0c9f49f27e34e05a7e4159648875b32880d3d986ee2d70d78d6138df5e9f1654

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"70aec2dd89cac4933594c25b71d61f46"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 128467
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518710811b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

104.22.25.131

200 OK

2.3 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (2349), with no line terminators
Size
2.3 kB (2306 bytes)
Hash
b53c7f9c174d9550ea8cc8116eaceb0e
d13a472451574fd2b6764490b56ff73ef283dffb
410afd8003984051641f398532a4835300e5301056fab4f0b9a596b516f2edc6

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518686966712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900&display=swap

142.250.74.106

200 OK

9.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (9375), with no line terminators
Size
9.2 kB (9150 bytes)
Hash
6bed7a431d3e314eff841c78c235b50c
fae56b47596c007a4ed5ee8b3f2b5c4eb1bd9b26
75240d05b14ab56c5f591d8fecd2352c6022de78dcf4b1c590670f9df79154b5

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 03:58:51 GMT
date: Thu, 02 May 2024 03:58:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Roboto:wght@300;400;500;700;900&display=swap

142.250.74.106

200 OK

35 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Roboto:wght@300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
35 kB (34960 bytes)
Hash
1de07fe3f8413e401764ee263a106054
f61a7c69616c1dd872a1713eac91eb2251145f3a
08cb455ca6b83f6ed7600136579f56e8e8488a8e8327b387f7a39d50ee993daf

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;600;700&family=Roboto:wght@300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 03:58:51 GMT
date: Thu, 02 May 2024 03:58:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/main.f6979f17aff823aa.js

139.59.17.23

404 Not Found

0 B

URL GET HTTP/2
www.sharefilesxp.work.gd/main.f6979f17aff823aa.js
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /main.f6979f17aff823aa.js HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/610e5aadd6e7610a49af0b0d/1fcg14e58

104.22.25.131

200 OK

2.1 kB

URL GET HTTP/2
embed.tawk.to/610e5aadd6e7610a49af0b0d/1fcg14e58
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (2310), with no line terminators
Size
2.1 kB (2123 bytes)
Hash
65a2dc4b1451d6007633ae4ba9c61e3f
84cefe95ef5b721e06e7a3eca696e483461f3c1d
4aa860f0c5af25df5b0e19e994699a30891a131836df50f9622f145162bc7565

HTTP Headers

GET /610e5aadd6e7610a49af0b0d/1fcg14e58 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518671e5c56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js

104.22.25.131

200 OK

83 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
83 kB (82913 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518685efd56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js

104.22.25.131

200 OK

535 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (557), with no line terminators
Size
535 B (535 bytes)
Hash
3f4a6312d60391bda06462d7321ffcdc
9f09295297840a36d2ac95344b39b0af1a729f82
28d61df22c079e51c45b6f87db516f03cb85cf3f2c3a970be369944c3f91bcf1

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"c506281367048d4a134c9affbc68c8c6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 120040
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d51871181bb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

vsa86.tawk.to/s/?k=66330f7da3c8d40bf91e944d&cver=0&pop=false&asver=175&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQiLCJ2aWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQtbTI2Y09CQ2hIYWF6TWY2Mk5pemJxIiwic2lkIjoiNjYzMzBmN2RhM2M4ZDQwYmY5MWU5NDRkIiwiaWF0IjoxNzE0NjIyMzMzLCJleHAiOjE3MTQ2MjQxMzMsImp0aSI6ImlmU2l3Uk5sQkR2YmdNcWV2TERzcSJ9.u_QHelc4Dxu5J4lov8_UQKoBtUSeTEeQhLAkpRCi6dZxFWpb8HcKxnpcg_l6xW1_73t6SklWwYvhnjiAoXN2CA&EIO=3&transport=websocket&__t=OytT8AZ

104.22.25.131

101 Switching Protocols

0 B

URL GET HTTP/1.1
vsa86.tawk.to/s/?k=66330f7da3c8d40bf91e944d&cver=0&pop=false&asver=175&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQiLCJ2aWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQtbTI2Y09CQ2hIYWF6TWY2Mk5pemJxIiwic2lkIjoiNjYzMzBmN2RhM2M4ZDQwYmY5MWU5NDRkIiwiaWF0IjoxNzE0NjIyMzMzLCJleHAiOjE3MTQ2MjQxMzMsImp0aSI6ImlmU2l3Uk5sQkR2YmdNcWV2TERzcSJ9.u_QHelc4Dxu5J4lov8_UQKoBtUSeTEeQhLAkpRCi6dZxFWpb8HcKxnpcg_l6xW1_73t6SklWwYvhnjiAoXN2CA&EIO=3&transport=websocket&__t=OytT8AZ
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=66330f7da3c8d40bf91e944d&cver=0&pop=false&asver=175&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQiLCJ2aWQiOiI2MTBlNWFhZGQ2ZTc2MTBhNDlhZjBiMGQtbTI2Y09CQ2hIYWF6TWY2Mk5pemJxIiwic2lkIjoiNjYzMzBmN2RhM2M4ZDQwYmY5MWU5NDRkIiwiaWF0IjoxNzE0NjIyMzMzLCJleHAiOjE3MTQ2MjQxMzMsImp0aSI6ImlmU2l3Uk5sQkR2YmdNcWV2TERzcSJ9.u_QHelc4Dxu5J4lov8_UQKoBtUSeTEeQhLAkpRCi6dZxFWpb8HcKxnpcg_l6xW1_73t6SklWwYvhnjiAoXN2CA&EIO=3&transport=websocket&__t=OytT8AZ HTTP/1.1
Host: vsa86.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.sharefilesxp.work.gd
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aNmzXk8Bqc9ei+3mj2tCpw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 02 May 2024 03:58:54 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 7C0wXZ/NIjI+Sgakeeu3a6lrqjY=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 87d5187178c8b52d-OSL
alt-svc: h3=":443"; ma=86400

www.sharefilesxp.work.gd/assets/js/plugin.js

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/js/plugin.js
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/js/plugin.js HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

104.22.25.131

200 OK

217 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
217 kB (217197 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518685efe56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (9600), with no line terminators
Size
9.3 kB (9348 bytes)
Hash
14947237ea2dd749ae125083525bd957
c5538d47cbd2b0959fee2e6837a1fc2e33563fbc
3cda3e604a3f1c5d1b7e5dd035dfacb996f1fe40e90e0279e9ee77ea01d5f944

HTTP Headers

GET /css2?family=Roboto:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 03:58:51 GMT
date: Thu, 02 May 2024 03:58:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.sharefilesxp.work.gd/assets/siteimages/servesmilelogo.png

139.59.17.23

404 Not Found

271 B

URL GET HTTP/2
www.sharefilesxp.work.gd/assets/siteimages/servesmilelogo.png
IP
139.59.17.23:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerLet's Encrypt
Subjectservesmile.in
Fingerprint05:72:42:06:E5:E3:B4:85:8A:99:E1:F6:CF:19:7F:62:92:27:43:F8
ValiditySat, 06 Apr 2024 13:28:27 GMT - Fri, 05 Jul 2024 13:28:26 GMT

File type
HTML document, ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
6e70b41ee8c58e192f202704309d0402
9a4ecf64d089b1baf1f176c2e7384f09a3b68e2e
cf97ec62f3664dc53501e3fec18fde8abd3200aee4a53465bc2e1894d54e8dc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /assets/siteimages/servesmilelogo.png HTTP/1.1
Host: www.sharefilesxp.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 03:58:51 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

104.22.25.131

200 OK

226 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
226 kB (225589 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sharefilesxp.work.gd
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:52 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518686f0856be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js

104.22.25.131

200 OK

906 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.sharefilesxp.work.gd/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (956), with no line terminators
Size
906 B (906 bytes)
Hash
7b31fafdf609238b7f4574e44057af5b
f4f849145e5beaff38b9e47e3c5c3e7e4945d70a
2b7dfb20a5ee49b709a4adc3412bd7d5e00539c1ef93a1a58c4ec58816c81ed3

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sharefilesxp.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:53 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 128467
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d518711819b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML